be fixed anyway?
BTW, what about the other method you suggested above: NSS compares the
DER-encoded names using SECITEM_ItemsAreEqual. The DER form is also in
the CERTCertificate struct. Could you give me a code snippet for
generating a SECITEM from my fixed string myDNString?
-- POC
( myCert ); /* Get the cert */
expectedName = CERT_AsciiToName( myDNstring) /* Convert my fixed DN
string */
compResult = CERT_CompareName( cert-subject, expectedName );
if ( compResult == SECEqual ) {
printf( Cert subject matches myDNstring\n );
}
Whatchya think?
-- POC
have it right?
-- POC
___
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
which provides a software implementation of a PKCS#11 module.
-- POC
___
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
...)
-- POC
___
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
Does the following vulnerability with ASN1, noted in some versions of
openSSL, also affect NSS?
http://www.cert.org/advisories/CA-2003-26.html
-- POC
___
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
to
code a MT app using NSS, that does not exhibit signs of memory
leaks...
So does selfserv have a known memory leak?
-- POC
___
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
notified somewhere...
How do I get the client to return from reap_threads() so it can then
call destroy_thread_data() and exit properly?
BTW, I'm launching this client app from the command line and it's
talking to the selserv app under mozilla\security\nss\cmd\selfserv.
-- POC
What other PKI operations my server could be doing with NSS v3.8 that
would involve CRLs if all my clients are connecting anonymously?
In any case, I did more investigating and it looks like the Bus
error which is causing the app to dump core is being caused by the
system running out of system
not be even touching these CRLs since my client is connecting
anonymously...
My NSS server app is a multi-process app that initializes the sec dbs
multiple times like the app in security\nss\cmd\selfserv.c.
-- POC
The original problem is back...
For yet unknown reasons, the CERT_VerifyCertNow (and
CERT_VerifyCertificateNow) in my cert auth callback function return
the error code SEC_ERROR_CRL_NOT_FOUND, even though the CRL is clearly
in the cert db...
The weird thing is that this seems to be a problem on
I'm calling CERT_GetCertNicknames(CERT_GetDefaultCertDB(),
SEC_CERT_NICKNAMES_CA, NULL) but the nicknames for my CA certs are not
returned. The CA certs reside on a PKCS#11 module which should be automatically
loaded after initialization, or do I need to explicitly load the module?
-- POC
Hello,
I'm trying to understand selfserv 's logic for creating multiple
processes. I looks like it uses the string returned from envString =
getenv(envVarName) to decide if it's the parent or one of the
children. But where is that environment variable set?
-- POC
when done decoding? I'm currently using
SEC_DestroyCrl(signedCrl).
-- POC
, then the object is
destroyed
** and optionally freed.
What if I definitely want to free the CERTCertificate object memory?
Wouldn't this function cause a memory leak if I repeatedly call
CERT_FindCertByName/DestroyCertificate and the memory is *optionally
freed*?
-- POC
Does the cert8.db certificate database upgrade introduced in NSS 3.7
fix the CRL problem seen in cert7.db whereby large CRLs would corrupt
the database?
-- POC
Hello,
I'm curious, will the AOL Time Warner financial woes affect the NSS
project at all? What about the Mozilla project as a whole, is it still
a Netscape fincanced operation?
-- POC
= new PKCS8EncodedKeySpec(
encodedBytes ) where the encodedBytes would be found in the
SECKEYEncryptedPrivateKeyInfo's encryptedData object (in NSS), or the
bytes returned by jss.crypto.CryptoStore.getEncryptedPrivateKeyInfo
(from JSS)?
-- POC
edit: is not a regular file at certdata.perl line
48.
2. The trust flags specified when running addbuiltin do not stay the
same after listing the cert with certutil: E.g., I specified trust
flags c,, when running addbuiltin, but certutil shows p,p,p when
listing the cert...
-- POC
a separate
assembler such as the Microsoft Macro Assembler (MASM), executable
name ML.EXE. Got mine at
http://users.easystreet.com/jkirwan/pctools.html
-- POC
with sh.exe and/or shmsdos.exe??
Please refresh my memory :)
Thanks.
-- POC
RNG_SystemInfoForRNG(), a crash could result...
Shouldn't NSS check for situations when the calling process'
environment is null?
-- POC
, at one time, importing large CRLs caused a corruption of the
cert DB: Have all the problems related to this issue been fixed as of
NSS 3.4 (I'm currently using NSS 3.4.2)? Are there any outstanding
problems concerning the import of CRLs in the cert DB?
-- POC
...
Also, where on mozilla's Web site can I find a time table for future
NSS releases (e.g., NSS 3.5)?
-- POC
24 matches
Mail list logo